Earlier this year, the vast majority of the global workforce relocated from their offices to their homes. Similarly, students were required to switch to remote learning, disrupting face-to-face lessons and requiring universities to offer some form of digital teaching. The learn-from-home model for education has had profound effects on students, teachers, administrators and educational institutions. While many higher education institutions have managed to pivot to distance learning to cope with the immediate crisis, just how the learning environment will function for the coming academic year and beyond remains less certain. In June, a Universities UK study reported that 97% of institutions were preparing to teach in person this autumn – however, 95% promised to deliver a mixture of online and in-person services. With new restrictions now being enforced, it’s hard to predict what the higher education landscape will look like.
What is for sure is that remote learning has led to an exponential increase in cyberattacks against higher education organisations, all of which have the potential to hinder learning and expose sensitive data. A testament to the gravity of the situation is that the NCSC recently released malware and ransomware guidelines specifically designed to help universities navigate these challenging circumstances.
So, how can higher education organisations effectively monitor their busy networks amid new digital initiatives and IT budget cuts and maintain their security posture? InfoSec teams must leverage real-time visibility into all network traffic and analytics to optimise and manage network performance and improve security.
Complex networks, fierce attacks
University IT networks are among the most heavily trafficked and now, with a greater shift to distance learning, these already-stretched environments must handle enormous and growing amounts of traffic, all of which brings increased risk. 2019 saw 819 cybersecurity incidents reported in the education sector, a 114% increase compared to 2018 – and this was before networks were turned inside-out to facilitate remote learning. Universities must therefore up the ante in terms of threat detection as they prepare to face an unprecedented next few years.
Of course, as educational institutions rushed to enable distance learning, the attack surface has expanded and new risks have arisen. For instance, cybercriminals are increasingly targeting educational institutions with financially motivated attacks. This year, the Blackbaud hack affected over ten universities in the UK – not to mention those based in the US – holding their data to ransom and prompting the payment of an undisclosed sum. Universities are also chosen as victims of cyberattacks because of the intellectual property they hold – which is what state-sponsored attacks aim to steal. Experts have recently warned that hackers can access valuable research from UK universities in under an hour, because these institutions simply don’t have the necessary defences in place.
It’s not just intellectual property that needs defending – university databases are home to the personal data of numerous teachers, administrative staff and students. This data is now more vulnerable to breaches than ever, with distance learning leading to more resources shared digitally. It’s clear that universities must enhance their security strategies and put their resources to good use to protect their networks – but how?
The challenge for Infosec teams
Organisations across industries are seeing their IT budgets shrink and universities are no exception, as they are facing serious financial uncertainty as a consequence of this year’s events. This is certainly not the ideal situation in which to fast-track digital initiatives and boost cybersecurity efforts and that’s why optimisation must be front of mind. In order to maintain network performance and resilience, to enable mission-critical functionalities, InfoSec teams must strive to do more with less while preventing disruption, ensuring new technologies perform optimally and remain protected, derailing cyberattacks and preventing the theft of sensitive information or intellectual property.
What university security teams are tasked with doing in this increasingly complex environment is to identify security vulnerabilities in the network (and quickly mitigate them), as well as detecting and promptly responding to attacks. This is only possible with real-time visibility into all network traffic. Insights and analysis of the network can help optimise and manage performance to securely accommodate the growing volumes of traffic. As they grapple with managing security operations across virtual and cloud infrastructures, InfoSec teams must be mindful of how they’re making use of their resources and should look to extend their security tools’ shelf life. If everything runs smoothly, they should be able to detect threats as they originate, remediate them rapidly and ensure the disruption they cause is minimal.
The future of education is still somewhat shrouded in mystery, with many universities ambitiously planning a return to face-to-face teaching, while more and more restrictions to prevent virus infections from spiking are announced almost daily. What’s certain is that the ability to offer digital learning while protecting personal and research data is what will separate successful from unsuccessful institutions in future months and years. When so much is at stake, it’s important to keep a close eye on network traffic to ensure security and performance during and after the pandemic.
By Adrian Rowley, Senior Director Sales Engineering EMEA at Gigamon